Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/8j9-L_RONYbO5pct6BaIUP49Jq8.roa
File: 8j9-L_RONYbO5pct6BaIUP49Jq8.roa (raw, json)
Hash identifier: TIaaBWL1jzkAtw/gcAYt5xesS4BiLd6+3AzOv7BVHgs=
Subject key identifier: F2:3F:7E:2F:F4:4E:35:86:CE:E6:97:2D:E8:16:88:50:FE:3D:26:AF
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 0195F1361C5B1E0349D2540277AB7A3E073E
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/8j9-L_RONYbO5pct6BaIUP49Jq8.roa
Signing time: Tue 01 Apr 2025 11:56:49 +0000
ROA not before: Tue 01 Apr 2025 11:56:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42908
IP address blocks: 5.102.48.0/20 maxlen: 20
31.10.56.0/21 maxlen: 21
45.159.116.0/22 maxlen: 22
46.183.56.0/21 maxlen: 21
46.231.72.0/21 maxlen: 21
77.95.192.0/21 maxlen: 21
78.136.128.0/18 maxlen: 18
80.78.136.0/22 maxlen: 22
80.79.0.0/22 maxlen: 22
80.87.176.0/20 maxlen: 20
80.90.128.0/20 maxlen: 20
80.243.236.0/22 maxlen: 22
80.251.240.0/20 maxlen: 20
88.81.64.0/19 maxlen: 19
91.187.32.0/19 maxlen: 19
92.61.80.0/20 maxlen: 20
93.92.48.0/21 maxlen: 21
93.93.32.0/21 maxlen: 21
94.241.64.0/18 maxlen: 18
109.108.96.0/19 maxlen: 19
176.102.128.0/19 maxlen: 19
178.17.80.0/20 maxlen: 20
185.78.12.0/22 maxlen: 22
185.82.236.0/22 maxlen: 22
185.108.60.0/22 maxlen: 22
185.157.240.0/22 maxlen: 22
188.119.96.0/22 maxlen: 22
193.42.128.0/22 maxlen: 22
193.107.252.0/22 maxlen: 22
213.19.0.0/17 maxlen: 17
213.155.32.0/19 maxlen: 19
213.250.192.0/18 maxlen: 18
217.170.96.0/20 maxlen: 20
217.196.112.0/20 maxlen: 20
217.197.144.0/20 maxlen: 20
2001:67c:13c4::/48 maxlen: 48
2a00:e4c0::/32 maxlen: 32
2a01:9f40::/29 maxlen: 29
2a02:2088::/32 maxlen: 32
2a02:2088:1000::/36 maxlen: 36
2a02:2428::/32 maxlen: 32
2a02:2588::/29 maxlen: 29
2a03:1600::/32 maxlen: 32
2a03:7a00::/32 maxlen: 32
2a03:a820::/32 maxlen: 32
2a07:cc80::/29 maxlen: 29
2a0c:8b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 13:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:36:1c:5b:1e:03:49:d2:54:02:77:ab:7a:3e:07:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Apr 1 11:56:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f23f7e2ff44e3586cee6972de8168850fe3d26af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c7:13:c1:a8:a2:69:7f:09:61:d8:32:81:3c:
56:fb:1d:aa:d5:6e:6b:58:79:8c:6a:42:c9:30:47:
21:3b:f7:a5:d0:60:de:24:63:cd:7f:bb:00:9d:70:
94:48:d7:1c:dc:68:ae:3e:eb:7b:77:a9:c0:a1:ed:
e9:16:2e:40:2c:37:07:2d:71:46:3d:59:62:b0:f0:
5d:ac:41:ef:d2:e8:59:78:45:34:84:7c:cd:65:86:
70:65:3e:fb:c1:0e:21:cf:05:6d:bc:80:32:93:39:
63:75:7b:b5:38:41:18:11:55:5c:7d:95:9c:bf:ba:
af:1e:44:84:f3:20:ad:f9:cb:7d:41:ae:5b:56:97:
17:ec:10:8e:16:46:d4:d1:85:6c:4d:4b:eb:3c:34:
2b:f6:8d:5a:00:0e:aa:ef:c3:6d:b2:62:7f:07:d3:
69:b0:1a:b6:4c:e4:1d:8d:31:4d:ab:74:a2:d8:f6:
de:a2:e1:17:68:38:8e:2e:13:c3:c9:47:13:a5:75:
d2:0f:b1:54:84:35:7d:06:bb:09:f7:47:01:ce:3d:
9f:ec:1b:af:cb:cd:06:e2:3a:4b:83:f7:48:b3:5d:
39:cb:6c:d9:5b:13:87:da:91:99:f4:25:85:ab:77:
a4:3d:ad:81:cb:85:26:58:53:b5:6e:78:54:11:dc:
b2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3F:7E:2F:F4:4E:35:86:CE:E6:97:2D:E8:16:88:50:FE:3D:26:AF
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/8j9-L_RONYbO5pct6BaIUP49Jq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.48.0/20
31.10.56.0/21
45.159.116.0/22
46.183.56.0/21
46.231.72.0/21
77.95.192.0/21
78.136.128.0/18
80.78.136.0/22
80.79.0.0/22
80.87.176.0/20
80.90.128.0/20
80.243.236.0/22
80.251.240.0/20
88.81.64.0/19
91.187.32.0/19
92.61.80.0/20
93.92.48.0/21
93.93.32.0/21
94.241.64.0/18
109.108.96.0/19
176.102.128.0/19
178.17.80.0/20
185.78.12.0/22
185.82.236.0/22
185.108.60.0/22
185.157.240.0/22
188.119.96.0/22
193.42.128.0/22
193.107.252.0/22
213.19.0.0/17
213.155.32.0/19
213.250.192.0/18
217.170.96.0/20
217.196.112.0/20
217.197.144.0/20
IPv6:
2001:67c:13c4::/48
2a00:e4c0::/32
2a01:9f40::/29
2a02:2088::/32
2a02:2428::/32
2a02:2588::/29
2a03:1600::/32
2a03:7a00::/32
2a03:a820::/32
2a07:cc80::/29
2a0c:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:18:1f:a6:39:fd:e4:2c:ca:a8:09:9a:85:24:17:ca:b7:20:
0a:ec:bf:c4:5e:f4:21:74:35:b1:7e:07:a5:a6:51:db:d6:22:
94:92:b0:26:3b:2c:a6:95:eb:bc:2f:f5:a3:d9:7c:7c:20:7e:
01:92:be:a0:7a:d4:d7:e2:18:7e:70:1b:09:bc:a5:01:05:ee:
ae:e0:ce:ca:07:46:72:00:f8:4b:c5:07:c0:31:cd:f2:38:fb:
ad:25:ba:0a:02:a8:06:ac:a4:1b:f9:af:3f:6a:d5:70:39:92:
af:7f:ce:da:09:ab:b9:2c:e9:57:56:10:ad:6e:50:81:7d:d6:
e6:99:e7:bb:aa:1a:4f:48:f5:7e:b6:61:77:b4:96:57:36:c9:
cc:bb:88:6f:21:48:d8:01:ca:58:79:51:a4:c9:85:a2:b7:aa:
14:82:5b:31:f8:44:46:f0:dc:7e:02:20:ba:aa:be:b6:4d:25:
95:72:2e:4f:19:b3:ee:3c:bc:24:d5:96:2e:a9:2a:9d:73:66:
34:7d:60:96:49:78:7c:a6:f9:c6:79:60:df:d0:28:2d:49:f6:
b3:92:8b:96:ba:37:8d:82:2e:4a:b2:71:26:e4:20:6e:3d:24:
8d:d3:25:8e:4d:e6:3d:75:27:52:1f:d5:73:d0:88:f4:ea:a5:
94:ed:8c:9e
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgISAZXxNhxbHgNJ0lQCd6t6Pgc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjUwNDAxMTE1NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjNmN2UyZmY0NGUzNTg2Y2VlNjk3MmRlODE2ODg1MGZlM2QyNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMcTwaiiaX8JYdgygTxW+x2q1W5r
WHmMakLJMEchO/el0GDeJGPNf7sAnXCUSNcc3GiuPut7d6nAoe3pFi5ALDcHLXFG
PVlisPBdrEHv0uhZeEU0hHzNZYZwZT77wQ4hzwVtvIAykzljdXu1OEEYEVVcfZWc
v7qvHkSE8yCt+ct9Qa5bVpcX7BCOFkbU0YVsTUvrPDQr9o1aAA6q78NtsmJ/B9Np
sBq2TOQdjTFNq3Si2PbeouEXaDiOLhPDyUcTpXXSD7FUhDV9BrsJ90cBzj2f7Buv
y80G4jpLg/dIs105y2zZWxOH2pGZ9CWFq3ekPa2By4UmWFO1bnhUEdyyMQIDAQAB
o4IDNDCCAzAwHQYDVR0OBBYEFPI/fi/0TjWGzuaXLegWiFD+PSavMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvOGo5LUxfUk9OWWJPNXBjdDZCYUlVUDQ5SnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSAYIKwYBBQUHAQcBAf8EggE3MIIBMzCB2QQCAAEwgdID
BAQFZjADBAMfCjgDBAItn3QDBAMutzgDBAMu50gDBANNX8ADBAZOiIADBAJQTogD
BAJQTwADBARQV7ADBARQWoADBAJQ8+wDBARQ+/ADBAVYUUADBAVbuyADBARcPVAD
BANdXDADBANdXSADBAZe8UADBAVtbGADBAWwZoADBASyEVADBAK5TgwDBAK5UuwD
BAK5bDwDBAK5nfADBAK8d2ADBALBKoADBALBa/wDBAfVEwADBAXVmyADBAbV+sAD
BATZqmADBATZxHADBATZxZAwVQQCAAIwTwMHACABBnwTxAMFACoA5MADBQMqAZ9A
AwUAKgIgiAMFACoCJCgDBQMqAiWIAwUAKgMWAAMFACoDegADBQAqA6ggAwUDKgfM
gAMFAyoMi0AwDQYJKoZIhvcNAQELBQADggEBADoYH6Y5/eQsyqgJmoUkF8q3IArs
v8Re9CF0NbF+B6WmUdvWIpSSsCY7LKaV67wv9aPZfHwgfgGSvqB61NfiGH5wGwm8
pQEF7q7gzsoHRnIA+EvFB8AxzfI4+60lugoCqAaspBv5rz9q1XA5kq9/ztoJq7ks
6VdWEK1uUIF91uaZ57uqGk9I9X62YXe0llc2ycy7iG8hSNgBylh5UaTJhaK3qhSC
WzH4REbw3H4CILqqvrZNJZVyLk8Zs+48vCTVli6pKp1zZjR9YJZJeHym+cZ5YN/Q
KC1J9rOSi5a6N42CLkqycSbkIG49JI3TJY5N5j11J1If1XPQiPTqpZTtjJ4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:20:55 2025 by rpki-client